> The SDK’s config ships a flag “use_netifs”: true. That flag triggers code in the SDK binary that constructs its NWConnection with a specific required interface: en0 (WiFi) or pdp_ip0 (cellular), rather than using the system default route.
> On iOS, this bypasses any configured VPN’s tun0 interface entirely. The peer tunnel does not cross a user-configured VPN, even when the rest of the app’s HTTPS traffic does.
What's a legitimate use case for this API? When/why should an app be allowed to bypass a user-configured VPN?
When you're the application providing the VPN or when you're any app built to communicate with something on a local-ish network, not something actually reachable globally.
Look at how far TikTok can go if you try blocking DNS. The hardcoded IPs, self-DNS-resolution and cat-and-mouse game of blocking is quite... interesting.
I think they may have scaled back from this, but they were running a 100% malware-style playbook to hit the Tiktok servers like it was some kinda sketchy C2 package. Lots of attempts of their own DoH (and DoT!) and normal DNS servers to try to get into the Tiktok network.
Which protected characteristic does "personal relationships" fall under? It's vague enough to mean almost anything you want it to be, and I struggle to imagine any sort of successful prosecution.
There’s a reason interviewers in the US won’t (or shouldn’t) even ask if the candidate has a spouse. If they ask something about that specifically, and the answer indicates some kind of protected status (a man says “my husband” or reveal which place of worship they got married in) and they then decline the candidate, the candidate could make the claim they were denied because they’re gay or practice whatever religion or something else.
Asking personal questions could be seen as a way to elicit information about a protected status and thus give a rejected candidate ammunition for a claim, whether warranted or not.
It’s best to just keep questions focused on the workplace.
I think people vastly overstate the amount of actual risk companies are taking when they engage is possibly illegal behavior, especially on this forum.
Likely true, and I’m sure many companies go unpunished despite engaging in it, but that doesn’t make it a good idea, and probably the kind of thing that could ruin a small business if they did get caught up in it.
Having been on the sidelines for spurious claims of this nature, these sorts of lawsuits are a huge risk: the cost of mounting a defense can easily bankrupt a small business, even if the claims turn out to be baseless.
Even in the case of complete innocence, it often becomes a he-said-she-said situation, and the outcome boils down to which side presents the best set of “facts”.
I use quotes there because my broader experience with the court system routinely shows that it does not need be burdened by the “truth” or “facts”. That is probably because the regular cast in those venues are literally trained and practiced liars.
I think it also depends on how big of a company. If someone (say perhaps, GP) mostly has experience in smaller companies, they might not have had the law of large numbers bring the lawsuit cudgel to bear on their company before.
But if you're at a large enough company, you're absolutely getting sued for this from time to time, so you'll have the "how to not get sued" training before you're allowed to interview.
(Edit: this isn't limited to interviews. There's many, many examples of things that large companies will not touch due to legal risk, that smaller companies will... either due to lack of knowledge on the legal risk (maybe no legal department even exists yet?) or intentionally as a gamble)
Never ever prompt someone to discuss personal relationships in an interview. The moment the conversation drifts into religion, family status, child count, sexuality or gender makeup, or any number of other things, you can easily run afoul of state or federal laws, or open yourself to discrimination lawsuits.
Employer fishing to see if the person is married, which will require additional dependents on health insurance. Married is possibly more likely to have kids and take more time off for them or maternity/paternity leave.
Women in a committed relationship can enter a medical situation that renders then unable to work for 6-9 months, + 2 - 3 years of leave afterwards. Men don't, that's just a month or two twice.
It is illegal, and in my book also immoral to deny such a candidate, but the other side of the coin is there.
Excellent article. I'm sad that SpaceX effectively seem to have given up on Mars, but even their much less ambitious "orbital trucking" business seems unrealistic. From the article:
> Finally, there is the launch cadence SpaceX actually targets in their S-1, a million metric tons a year to Earth orbit. That frankly preposterous figure implies 25-30 Starship launches a day, with the exact number contingent on how much payload the final version of the rocket can carry.
> Launching Starship on the hour would also mean permanent no-fly zones for aircraft and a likely environmental backlash against SpaceX, who would be putting significant amounts of water vapor in the stratosphere. Overnight the company would become one of the country’s biggest consumers of methane, electric power, and liquid oxygen. And since a failure rate of 1/200 at this cadence would have Starships falling out of the sky every week, the rocket would have to improve in reliability by at least two orders of magnitude.
> However much you may love SpaceX, there is no number of bong rips that makes this scenario feel real. It’s in the S-1 is to try to prop up the company’s astronomical valuation, but the sooner we can all move past it, the better.
It's hard to disagree with any of that, but I'm sure someone will, just like with datacenters in space.
In my experience only when you implement it correctly. If I add a new method to the interface I can't navigate to the implementations anymore because they don't completely implement the interface.
It is. But it's also an inconvenience. In a language like Java I can just say that a class implements an interface. If the interface changes the compiler and the IDE tell me about the missing methods. Go not so much.
> Due to organizational policy constraints, we are unable to release the full production-trained model weights. To support the research community, we plan to release a foundation checkpoint with a small number of layers removed from both the LLM backbone and the diffusion head (flow head). The remaining layers and all other components (vision encoder, projections, embeddings, etc.) are fully preserved. With a short fine-tuning pass on your own data, the removed layers can be quickly re-learned and the model restored to full quality.
That's because that statement is marginal. The founding father's were very keen to the arguments given by political theorists of their time, such as Locke. It's a large reason why the 1st and 2nd amendment are the two first amendments. They believed the rights to speech and violence are foundational to protecting our natural liberties from succumbing to tyranny.
> On iOS, this bypasses any configured VPN’s tun0 interface entirely. The peer tunnel does not cross a user-configured VPN, even when the rest of the app’s HTTPS traffic does.
What's a legitimate use case for this API? When/why should an app be allowed to bypass a user-configured VPN?
reply